45 posts
  • Author Level 4
  • Exclusive Author
  • 4 Years of Membership
  • Algeria
+2 more
emonik
says

Hi guys,
I was wondering why there is no secure connection (https) in the marketplaces yet …( at least when attempting to log in , and when requesting withdrawal of our earnings )
A lot of us now a days use wireless options to access the internet ( i.e: maybe one day you will find your self obliged to use a WiFi hot spots, which are unsecured most of the time ), so capturing your log in info become a piece of cake !
I hope this will be implemented soon , because it will give us peace of mind and reduce fraud
What do you think guys ?

28 posts
  • Affiliate Level 1
  • Author Level 4
  • Beta Tester
  • Collector Level 2
+4 more
web2dev
says

Hi guys,
I was wondering why there is no secure connection (https) in the marketplaces yet …( at least when attempting to log in , and when requesting withdrawal of our earnings )
A lot of us now a days use wireless options to access the internet ( i.e: maybe one day you will find your self obliged to use a WiFi hot spots, which are unsecured most of the time ), so capturing your log in info become a piece of cake !
I hope this will be implemented soon , because it will give us peace of mind and reduce fraud
What do you think guys ?
+1
5492 posts
  • 5 Years of Membership
  • Affiliate Level 1
  • Australia
  • Author Level 3
+5 more
Australia
says

presumably because your payment details arent stored on Envato

45 posts
  • Author Level 4
  • Exclusive Author
  • 4 Years of Membership
  • Algeria
+2 more
emonik
says

presumably because your payment details arent stored on Envato
It doesn’t matter !, since intruders listening to the network I’m connected to can capture my username and password, then they have full access to my account, they can request withdrawal of my earnings ( Let’s take the worst scenario and say I’ll go on a holiday for 20days ) , so when I’m back the request has been processed and my money are gone … I guess envato can do nothing about it since everything seemed to be fine for them !
What’s wrong with using a secure connection ? it would avoid such a mess, don’t you agree ?
5492 posts
  • 5 Years of Membership
  • Affiliate Level 1
  • Australia
  • Author Level 3
+5 more
Australia
says

Still dont get you, I add funds via Paypal, not Envato.

So my user pass for Payments is via Paypal not these Marketplaces.

+ are you stating you use same username / password combo for Paypal and Envato ? thats a tad worrying

5441 posts
  • Author Level 11
  • Moderator
  • Winner
  • 6 Years of Membership
+20 more
dtbaker
Moderator
says

Securing the marketplace has been discussed a number of times in the past here on the forums. If it happens it will most likely be for the login process only (like what facebook did initially) and then later on scale it out to the entire marketplace. Implementing SSL is quite tricky, I’m sure they will get onto it when more pressing features are finished.

45 posts
  • Author Level 4
  • Exclusive Author
  • 4 Years of Membership
  • Algeria
+2 more
emonik
says

Still dont get you, I add funds via Paypal, not Envato.

So my user pass for Payments is via Paypal not these Marketplaces.

+ are you stating you use same username / password combo for Paypal and Envato ? thats a tad worrying
I see there was a misunderstanding in here, I meant my account in the marketplaces, not my PayPal account or something similar ( don’t worry I don’t use same password :) ).
What I was talking about is that our accounts might be taken over by intruders …and that they can do what ever they want with them ( like draining our accounts from all the money we have earned :( ) , since we don’t login in a secure way ( our login data won’t be encrypted while it travel the web to reach envato servers ).
I hope I was clear enough !
5492 posts
  • 5 Years of Membership
  • Affiliate Level 1
  • Australia
  • Author Level 3
+5 more
Australia
says

We have just done evo ssl the one with green thing, on a large site. It was a nightmare configuring the code.

I think standard ssl certs are far more forgiving. The issues we faced, were any site that holds “Credit” on account, as envato do, will find it nigh on impossible for highest level of protection. But standard ssl should be easy enough, esp just for login info.

The issue as i see it only would apply to login / registration and these days https should be pretty much a given for any site with a userbase, if not purely for security, at least for reassurance.

973 posts
  • Affiliate Level 2
  • Author Level 4
  • Beta Tester
  • Collector Level 4
+6 more
aaranmcguire
says

In my opinion this could improve the trust of new customers of Envato when people see something is HTTPS there more likely to trust the site, and it helps the authors with security.

2280 posts
  • Top Monthly Author
  • Weekly Top Seller
  • Community Superstar
  • Industrious API Inventor
+15 more
revaxarts
says
Sorry, but I have to bump these old threads!

We need SSL across all marketplaces!

Tuts+ Premium Account Security Compromised

by
by
by
by
by
by